This week in cybersecurity, two significant events came to light, involving a deceptive malware distribution campaign and a major technology company disclosing details about a third-party data breach. A campaign is actively using fraudulent “Windows Update” prompts to deploy malware onto user systems. In a separate incident, Salesforce has provided specific details regarding a security breach that occurred at its customer success platform vendor, Gainsight.

Malware Campaign Masquerades as Windows Update

A notable malware campaign has been identified using fake “Windows Update” notifications as its primary distribution vector. Attackers are leveraging the familiar and often trusted appearance of a system update to trick users into executing malicious code. This method is designed to bypass user suspicion by mimicking a legitimate and necessary computer maintenance process. The objective of the fraudulent update is to fuel the spread of malware by getting users to willingly initiate the installation.

Salesforce Discloses Gainsight Data Breach Information

Salesforce has officially released details concerning a data breach that affected Gainsight, one of its third-party vendors. The information provided by Salesforce confirms the security incident at the vendor, which provides customer success management software. The disclosure from Salesforce outlines the known facts surrounding the breach, bringing the incident to the attention of its stakeholders and the public. This announcement follows an investigation into the event at the third-party service provider.

Source: https://www.helpnetsecurity.com/2025/11/30/week-in-review-fake-windows-update-fuels-malware-salesforce-details-gainsight-breach/